US9594917B2 - Secured multi-directional, multi-interface transaction processing - Google Patents
Secured multi-directional, multi-interface transaction processing Download PDFInfo
- Publication number
- US9594917B2 US9594917B2 US13/930,604 US201313930604A US9594917B2 US 9594917 B2 US9594917 B2 US 9594917B2 US 201313930604 A US201313930604 A US 201313930604A US 9594917 B2 US9594917 B2 US 9594917B2
- Authority
- US
- United States
- Prior art keywords
- secure element
- secure
- transaction
- processor
- transaction request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
Definitions
- Embodiments of the present disclosure relate generally to processing secure transactions.
- Conducting transactions electronically is becoming more common, especially conducting transactions from a mobile device.
- a conventional mobile device such as a mobile telephone, laptop computer, tablet computer, and the like
- certain components of a conventional mobile device may not be secure; that is, they may be compromised by a computer virus or a hacker.
- any sensitive or confidential information exchanged during the transaction may be exposed, intercepted, and subsequently used maliciously and without authorization.
- FIG. 1 illustrates an example apparatus for processing a secure transaction.
- FIG. 2 illustrates an example apparatus for processing a secure transaction including plural connectivity devices.
- FIG. 3 illustrates an example method for processing a transaction.
- FIG. 4 illustrates an example method for processing a secure transaction where the illustrated apparatus operates in a “master” mode or a “reader” mode to process the secure transaction.
- FIG. 5 illustrates an example method for processing a secure transaction where the illustrated apparatus operates in a “slave” mode or a “tag” mode to process and respond to a transaction request.
- FIG. 6 illustrates an example method for processing a secure transaction where the illustrated apparatus operates in a “slave” mode or a “tag” mode to establish a communication channel.
- FIG. 7 illustrates an example connectivity device of an apparatus for processing a secure transaction.
- FIG. 8 illustrates an example connectivity device of an apparatus for processing a secure transaction.
- FIG. 1 illustrates an example apparatus 10 for processing a secure transaction.
- the apparatus 10 may be any computing device including, but not limited to, a mobile computing device (such as a laptop computer, a tablet computer, a mobile telephone or smartphone, a “phablet,” a personal digital assistant (PDA), and the like), a wearable computing device (such as a wrist watch or “smart” watch, computerized eyeglasses, an identification badge or device, and the like), and a stationary computing device (such as a personal computer (PC), a desktop computer, cash register, smartcard reader, automated teller machine (ATM), computerized kiosk, and the like).
- a mobile computing device such as a laptop computer, a tablet computer, a mobile telephone or smartphone, a “phablet,” a personal digital assistant (PDA), and the like
- PDA personal digital assistant
- a wearable computing device such as a wrist watch or “smart” watch, computerized eyeglasses, an identification badge or device, and the like
- FIGS. 1-6 Some or all of the components of the apparatuses depicted in FIGS. 1-6 (i.e., 10 , 20 , 30 a , 30 z , 40 , 50 , and 60 ) may be implemented in the same integrated circuit or in different integrated circuits. For example, and with reference to the apparatus 10 of FIG.
- the processor 100 , the secure element 200 , and the connectivity device 300 may each be implemented in the same integrated circuit; or the secure element 200 and the connectivity device 300 may be implemented in the same integrated circuit, and the processor 100 in a different integrated circuit; or the processor 100 and the connectivity device 300 may be implemented in the same integrated circuit, and the secure element 200 in a different integrated circuit; or the processor 100 , the secure element 200 , and the connectivity device 300 may each be implemented in different integrated circuits.
- other components may be included in the apparatuses depicted in FIGS. 1-6 , but may not necessary be required to achieve some or all of the aspects of this disclosure.
- the apparatus 10 of FIG. 1 includes a processor 100 , a secure element 200 , and a connectivity device 300 .
- the processor 100 is communicatively coupled to the secure element 200 and to the connectivity device 300 , and includes interfaces 110 and 130 to communicate with the secure element 200 and the connectivity device 300 , respectively.
- the processor 100 may be any processing device, including, but not limited to, a general purpose processor, a central processing unit (CPU), a microprocessor, an application-specific instruction set processor, and the like.
- the secure element 200 of FIG. 1 is communicatively coupled to the processor 100 and to the connectivity device 300 , and includes interfaces 210 and 220 to communicate with the processor 100 and the connectivity device 300 , respectively.
- the secure element 200 of FIG. 1 includes hardware, software, or a combination of hardware and software for interfacing and communicating with the processor 100 and the connectivity device 300 , and for securely processing transactions. All software described throughout this disclosure may be embodied as one or more instructions on a non-transitory computer readable medium.
- the secure element 200 is an integrated circuit or chip that is embedded in a printed circuit board (PCB)—such as a motherboard, mainboard, logic board, and the like—along with other components of the apparatus 10 .
- the secure device 200 is disposed in a subscriber identity module or subscriber identification module (SIM) that can be coupled to and communicate with the apparatus 10 via an interface.
- SIM subscriber identity module
- SD secure digital
- the secure element 200 is disposed in a secure digital (SD) card that can be coupled to and communicate with the apparatus 10 via an interface.
- the secure element 200 is implemented as a smartcard chip, and communicates with other components by sending and receiving one or more application protocol data units (APDUs).
- APDUs application protocol data units
- the secure element 200 includes the application 201 —which, because it is executed on the secure element 200 , may be referred to as a “secure application.”
- the application 201 which may be an applet, or any other set of executable instructions—may be activated by the secure element 200 to process a transaction, such as a secure transaction.
- Financial transactions (such as sending or receiving a payment), personal identification, the exchange of sensitive or confidential information (such as exchanging personal contact information, or personal medical information), and the establishment of a secure communication channel (or link) are non-limiting examples of secure transactions.
- the application 201 may represent plural applications, applets, and the like.
- the secure element 200 includes an application for each “type” of transaction that may be conducted by the secure element 200 .
- the secure element 200 may include a first application for processing secure financial transactions, a second application for the secure exchange of sensitive or confidential information, and a third application for establishing a secure communication channel.
- the secure element 200 may include an application for each vendor, party, or device that the apparatus 10 conducts a transaction with.
- the secure element 200 may include a first application for conducting a secure financial transaction with a first banking institution, and a second application for conducting a secure financial transaction with a second banking institution.
- the processor 100 may not be trusted or secure—it may be compromised by a computer virus or a hacker, and any sensitive or confidential information used by the processor 100 may be exposed.
- the secure element 200 includes all necessary hardware (e.g., processor, memory, etc.) and software to process a secure transaction without requiring the processor 100 (or any other component) to process any of the transaction. That is, in these embodiments, the entire transaction is processed by the secure element 200 ; as opposed to processing part or all of the transaction at the processor 100 (or any other component).
- the secure element 200 receives a request from either the processor 100 or the communication device 300 to process a secure transaction.
- the secure element 200 identifies the type of transaction requested, and activates an appropriate application residing on the secure element 200 (such as application 201 ), which processes the transaction.
- an appropriate application residing on the secure element 200 such as application 201
- This example illustrates that, while the secure element 200 may communicate with the processor 100 or the communication device 300 (or both) to obtain information regarding a transaction, the entire transaction may be processed by the secure element 200 .
- the connectivity device 300 is communicatively coupled to the processor 100 and to the secure element 200 .
- the connectivity device 300 includes interfaces 320 and 330 to communicate with the secure element 200 and the processor 100 , respectively.
- the connectivity device 300 also includes interface 340 for interfacing and communicating with one or more external devices.
- the connectivity device 300 includes hardware, software, or a combination of hardware and software for interfacing and communicating with the processor 100 , the secure element 200 , and one or more external devices.
- an apparatus for processing a secure transaction includes more than one connectivity device.
- the connectivity device 300 of FIG. 1 may be any device for sending and receiving communications—wired or wireless—to and from the apparatus 10 .
- Examples of the connectivity device 300 as well as each of the connectivity devices depicted in FIGS. 1-6 (i.e., 300 , 300 a , 300 b , 300 n , and 300 z )—include, but are not limited to, a near field communication (NFC) device, a Bluetooth communication device, a wireless local area network (WLAN) communication device, a cellular or other radio frequency (RF) communication device, a satellite communication device, an infrared communication device, and the like.
- NFC near field communication
- WLAN wireless local area network
- RF radio frequency
- the interfaces 320 , 330 , and 340 of the connectivity device 300 allow the connectivity device 300 to communicate with the secure element 200 , the processor 100 , and one or more external devices, respectively.
- the secure element 200 may generate and send an unsolicited communication, including an unsolicited command or instruction, to the connectivity device 300 .
- the connectivity device 300 receives—via interface 320 —the unsolicited communication from the secure element 200 , parses the unsolicited communication to identify the unsolicited command, and executes the unsolicited command.
- the communication and the embedded command may be considered “unsolicited” because the connectivity device 300 did not request the communication from the secure element 200 ; that is, the secure element 200 initiated the communication with the connectivity device 300 .
- the connectivity device 300 (or the interface 320 ) “listens to” and responds to secure element 200 .
- the connectivity device 300 may “listen to” and respond to the processor 100 and one or more external devices in a similar manner.
- the processor 100 may “listen to” and respond to the secure element 200 in a similar manner.
- Each of the interfaces 110 , 130 , 210 , 220 , 320 , 330 , and 340 of FIG. 1 may be implemented in hardware, software, or a combination of hardware and software. Also—as should be apparent to one of ordinary skill in the art—the processor 100 , secure element 200 , and connectivity device 300 may include other interfaces for coupling to and communicating with devices, circuits, chips, components, and the like other than those shown in FIG. 1 .
- each element may provide an application programming interface (API) for the other elements to implement.
- API application programming interface
- the connectivity device 300 provides an API that the secure element 200 , or an application (such as application 201 of FIG. 4 —described further below) executing on the secure element 200 , implements so that the secure element 200 can interact with and exploit the functionality of the communication device 300 .
- the secure element 200 may provide an API that the processor 100 , or an application (such as application 101 of FIG. 4 —described further below) executing on the processor 100 , implements so that the processor 100 can interact with and exploit the functionality of the secure element 200 .
- each element of FIG. 1 may be able to communicate in a format compatible with each other element of FIG. 1 .
- an apparatus for processing a secure transaction may include plural connectivity devices.
- FIG. 2 illustrates an example apparatus 20 for processing a secure transaction that includes a processor 100 and a secure element 200 similar to those depicted and described in accordance with FIG. 1 , but also includes plural connectivity devices 300 a - 300 n .
- the connectivity devices 300 a - 300 n may be the same type of connectivity device or different types of connectivity devices, and may communicate with other devices using the same or different communications protocols.
- connectivity devices 300 a - 300 n may all be NFC devices.
- connectivity device 300 a may be a NFC device
- connectivity device 300 b may be a Bluetooth communication device
- connectivity device 300 n may be a WLAN communication device.
- Each of the connectivity devices 300 a - 300 n in the apparatus 20 of FIG. 2 may couple to and communicate with the processor 100 and the secure element 200 , and vice versa, as depicted and described in accordance with FIG. 1 .
- the secure element 200 of FIG. 2 may include a single interface (such as interface 230 of FIG. 1 ) for communicating with the plural connectivity devices 300 a - 300 n , or may include plural interfaces (such as one interface for each connectivity device) for communicating with the plural connectivity devices 300 a - 300 n .
- the processor 100 of FIG. 2 may include a single interface (such as interface 130 of FIG. 1 ) or plural interfaces (such as one interface for each connectivity device) for communicating with the plural connectivity devices 300 a - 300 n.
- FIG. 7 illustrates an example connectivity device of an apparatus for processing a secure transaction.
- the connectivity device 300 depicted in FIG. 7 may represent any of the connectivity devices depicted in FIGS. 1-6 (i.e., 300 , 300 a , 300 b , 300 n , and 300 z ), and may be disposed in any of the apparatuses depicted in FIGS. 1-6 (i.e., 10 , 20 , 30 a , 30 z , 40 , 50 , and 60 ).
- the connectivity device of FIG. 7 includes interfaces 320 , 330 , and 340 that allow the connectivity device to communicate with the secure element 200 , the processor 100 , and one or more external devices, respectively.
- the interface 320 may support communication with the secure element 200 via the single wire protocol (SWP) or a similar protocol.
- the interface 330 may support communication with the processor 100 via, for example, a high-speed bus, a high speed inter-chip (HSIC) bus, a universal serial bus (USB), a universal asynchronous receiver/transmitter (UART), a universal synchronous/asynchronous receiver/transmitter (USART), a peripheral component interconnect (PCI), a PCI express (PCIe), and the like.
- the interface 340 is coupled to an antenna 710 to send and receive wireless communications.
- the connectivity device 300 of FIG. 7 also includes logic unit 700 , which is coupled to the interfaces 320 , 330 , and 340 .
- the logic unit 700 may be implemented in hardware, software, or a combination of hardware and software.
- the logic unit 700 includes firmware.
- the logic unit 700 partially or completely controls the connectivity device 300 to function as described in relation to FIGS. 1-6 .
- FIG. 8 illustrates another example connectivity device of an apparatus for processing a secure transaction.
- the connectivity device 300 depicted in FIG. 8 may represent any of the connectivity devices depicted in FIGS. 1-6 (i.e., 300 , 300 a , 300 b , 300 n , and 300 z ), and may be disposed in any of the apparatuses depicted in FIGS. 1-6 (i.e., 10 , 20 , 30 a , 30 z , 40 , 50 , and 60 ).
- the connectivity device 300 of FIG. 8 represents two or more of the connectivity devices 300 a - 300 n of FIG. 3 .
- the connectivity device of FIG. 8 includes some components like those described in relation to the connectivity device of FIG. 7 , and, for brevity, a description of like components is not repeated.
- the connectivity device 300 of FIG. 8 includes plural logic units, e.g., 700 a and 700 b , which ma implement the same or different communications protocols.
- the logic unit 700 a may implement WLAN communications
- the logic unit 700 b may implement Bluetooth communications.
- the logic unit 700 a is coupled to the interfaces 330 a and 340 a , for communicating with the processor 100 and one or more external devices, respectively.
- the logic unit 700 b is coupled to the interfaces 330 b and 340 b , for communicating with the processor 100 and one or more external devices, respectively.
- Both logic units 700 a and 700 b are coupled to a switch 800 , which is coupled to the interface 320 for communicating with the secure element 200 .
- the switch 800 is a multiplexer.
- the switch 800 may selectively couple either the logic unit 700 a or the logic unit 700 b to the interface 320 for communicating with the secure element 200 .
- the switch 800 selectively couples more than two logic units to the interface 320 .
- a connectivity device including more than two logic units is within the scope of this disclosure.
- FIG. 3 illustrates two apparatuses, i.e., 30 a and 30 z , conducting a transaction. Because the apparatus 30 a initiates the transaction in FIG. 3 , the pair 30 a and 30 z may be referred to as “master” and “slave” (respectively), or as “reader” and “tag” (respectively); however, the roles of the apparatuses 30 a and 30 z may be reversed without departing from the scope of the disclosure.
- stage 3001 which corresponds to communication (1) of FIG. 3
- the processor 100 a of the apparatus 30 a sends a transaction request to the external destination (apparatus) 30 z via the connectivity device 300 a .
- the transaction request may be generated by an application (e.g., application 101 a ) executing on the processor 100 a , and the application may be used to process—in whole or in part—the transaction.
- the transaction request may be generated in response to user input, such as a user of the apparatus 30 a interacting with an input device coupled to the apparatus 30 a .
- the transaction request from the processor 100 a is sent from the apparatus 30 a via the connectivity device 300 a .
- the secure element 200 z of the apparatus 30 z receives the transaction request via the connectivity device 300 z , and may activate a secure application (e.g., application 201 z ) to generate a response to the transaction request.
- a secure application e.g., application 201 z
- the processor 100 a receives a response from the external destination (apparatus) 30 z via the connectivity device 300 a .
- the secure element 200 z transmits the response generated at stage 3001 via connectivity device 300 z .
- the connectivity device 300 a of the apparatus 30 a receives the response, and communicates the response to the processor 100 a.
- the processor 100 a of the apparatus 30 a sends a command to the secure element 200 a .
- the command may include a request for sensitive or confidential information, authentication of the information received from the apparatus 30 z , instructions for processing a portion of the transaction, and the like.
- the secure element 200 a receives the command, and may activate a secure application (e.g., application 201 a ) to generate a response to the command.
- the processor 100 a receives the response from the secure element 200 a , and processes the transaction.
- a processor such as the processor 100 a
- any sensitive or confidential information used by the processor 100 a to process the transaction may be exposed, intercepted, and subsequently used maliciously and without authorization.
- An example transaction illustrates the security risks posed by the method of FIG. 3 .
- Zoey the user of apparatus 30 z
- Alex may interact with a keyboard, barcode reader, or any other input device of the apparatus 30 a to request an electronic payment from Zoey.
- the processor 100 a receives the input (such as the purchase price), generates a request for payment (e.g., using application 101 a ), and transmits the request for payment to the apparatus 30 z .
- the secure element 200 z may activate a secure electronic payment application (e.g., application 201 z ).
- the secure element 200 z may store sensitive or confidential information about Zoey—such as Zoey's credit card information—and the electronic payment application may access the sensitive or confidential information and prepare a response containing that information.
- the response containing Zoey's credit card information is transmitted from the secure element 200 z (via the connectivity devices 300 z and 300 a ) to the processor 100 a .
- the processor 100 a may command the secure element 200 a to provide sensitive or confidential information about Alex—such as Alex's bank account and routing information—maintained by the secure element 200 a .
- a secure application e.g., application 201 a
- the application 201 a provides Alex's bank account and routing information to the processor 100 a , which—having Zoey's credit card information and Alex's bank account and routing information—processes the transaction to complete the purchase.
- the processor 100 a is compromised by a computer virus or a hacker, Zoey's credit card information and Alex's bank account and routing information may be exposed, intercepted, and subsequently used maliciously and without authorization.
- This example transaction between Alex and Zoey illustrates the security risks associated with the transaction processing method of FIG. 3 .
- FIGS. 4-6 address these security risks, and illustrate example methods for processing a secure transaction.
- each of the apparatuses 40 , 50 , and 60 may include all the features depicted and described in accordance with FIGS. 1 and 2 .
- FIG. 4 an example method of processing a secure transaction where the illustrated apparatus (i.e., apparatus 40 ) operates in a “master” mode or a “reader” mode is depicted.
- the apparatus 40 initiates a secure transaction with an external destination or apparatus that may operate as a “slave” or a “tag.”
- the external destination or apparatus functions as described in accordance with the apparatus 30 z of FIG. 3 or the apparatus 50 of FIG. 5 (described below).
- the processor 100 of the apparatus 40 sends a transaction request to the secure element 200 .
- the transaction request may be generated by an application (e.g., application 101 ) executing on the processor 100 , and may be generated in response to user input such as a user of the apparatus 30 interacting with an input device coupled to the apparatus 30 .
- the processor 100 communicates the transaction request to the secure element 200 .
- the secure element 200 activates the application 201 , and sends an unsolicited command to the connectivity device 300 . More specifically, upon receiving the transaction request in stage 4001 , the secure element 200 may activate a secure application (e.g., application 201 ) to process the transaction. The secure application 201 may generate a communication, which may include a command instructing the connectivity device 300 to send a transaction request to the external destination. In stage 4002 , the secure element 200 sends the communication to the connectivity device 300 .
- the communication and the embedded command may be considered “unsolicited” because the connectivity device 300 did not request the communication from the secure element 200 ; that is, the secure element 200 initiated the communication with the connectivity device 300 .
- the communication sent by secure element 200 to the connectivity device 300 is an APDU.
- the connectivity device 300 receives the unsolicited command from the secure element 200 , and sends the transaction request to the external destination.
- the communication device 300 (or an interface of the communication device 300 ) may “listen” for an unsolicited communication from the secure element 200 .
- the connectivity device 300 parses the unsolicited communication to identify the unsolicited command, and executes the unsolicited command.
- the unsolicited command instructs the connectivity device 300 to send a transaction request to the external destination.
- the secure element 200 receives the response from the external destination via the connectivity device 300 , and processes the secure transaction.
- the external destination may function as described in accordance with the apparatus 30 z of FIG. 3 .
- the response from the external destination may include sensitive or confidential information retrieved from a secure element of the external destination.
- the transaction may be processed by the secure application 201 ; thus, any sensitive or confidential information from the external destination (recall Zoey's credit card information from the example above), or maintained by the secure element 200 (recall Alex's bank account and routing information from the example above) are protected by the secure element 200 and not exposed by the processor 100 .
- the secure element 200 communicates with the processor 100 regarding the transaction.
- the secure element 200 may notify the processor 100 that the transaction is processed, and the processor 100 may thereafter notify a user of the apparatus 40 (e.g., via an output device or the like) that the transaction has completed.
- Stage 4005 is optional, and in some embodiments is not required.
- FIG. 5 illustrates an example method of processing a secure transaction where the illustrated apparatus (i.e., apparatus 50 ) operates in a “slave” mode or a “tag” mode.
- the apparatus 50 processes and responds to a transaction request from an external destination or apparatus that may operate as a “master” or a “reader.”
- the external destination or apparatus functions as described in accordance with the apparatus 40 of FIG. 4 (described above).
- the secure element 200 receives a transaction request from an external destination via the connectivity device 300 .
- the transaction request may seek sensitive or confidential information of the user or a party associated with the apparatus 50 . This information may be stored or maintained by the secure element 200 .
- the secure element 200 activates the application 201 to process the request, and sends an unsolicited command to the processor 100 .
- the secure element 200 activates a secure application (e.g., application 201 ) to respond to the transaction request.
- the secure application 201 may gather information, including sensitive or confidential information, to satisfy the request.
- the secure application 201 requires additional information, authorization to respond to the request, or both additional information and authorization from a device, entity, party, etc. outside of the secure element 200 —such as a user of the apparatus 50 .
- an electronic payment request seeking payment over a certain amount may require authorization (e.g., entry of a personal identification number (PIN)) from the paying party.
- PIN personal identification number
- the secure application 201 may generate a communication, which may include a command instructing the processor 100 to obtain and provide that information.
- the secure element 200 sends the communication to the processor 100 .
- the communication and the embedded command may be considered “unsolicited” because the processor 100 did not request the communication from the secure element 200 ; that is, the secure element 200 initiated the communication with the processor 100 .
- the communication sent by secure element 200 to the processor 100 is an APDU.
- the processor 100 responds to the command from the secure element 200 .
- the processor 100 (or an interface of the processor 100 ) may “listen” for an unsolicited communication from the secure element 200 .
- the processor 100 parses the unsolicited communication to identify the unsolicited command, and executes the unsolicited command.
- the processor 100 may obtain and provide the information, authorization, or both that are required by the secure element 200 (and the secure application 201 ) to respond to the transaction request.
- the application 201 At stage 5004 , corresponding to communication (4) of FIG. 5 , the application 201 generates a response, and the secure element 200 sends the response to the external destination via the connectivity device 300 .
- the secure application 201 may generate a response to the transaction request, which is subsequently sent from the secure element 200 to the external destination via the connectivity device 300 .
- FIG. 6 illustrates an example method for processing a secure transaction where the illustrated apparatus (i.e., apparatus 60 ) operates in a “slave” mode or a “tag” mode to establish a communication channel or link.
- the communication channel may be a secure communication channel.
- the connectivity device 300 a receives a transaction request from an external destination.
- the transaction request may seek to establish a secure communication channel other than the communication channel carrying the transaction request.
- the connectivity devices 300 a and 300 b of the apparatus 60 may be a NFC device and a WLAN communication device, respectively.
- the transaction request arrives via the NFC device, and seeks to establish a secure WLAN communication channel, or vice versa.
- the secure element 200 receives the transaction request via the connectivity device 300 a , and activates the application 201 to respond to the transaction request. More specifically, upon receiving the transaction request in stage 6001 , the secure element 200 may activate a secure application (e.g., application 201 ) to respond to and process the transaction.
- a secure application e.g., application 201
- the secure element 200 or the secure application 201 includes one or more encryption keys that may be used to perform cryptography—such as public-key cryptography and private-key cryptography. Using these keys and cryptography techniques, the secure application 201 and an application at an external destination may encrypt all communications to increase the security of their communications. Also, the secure application 201 and an application at an external destination may use encryption keys to authenticate over a completely open communication channel—such as Bluetooth or WLAN—without concern over the security of the communication channel. For example, the secure application 201 and an application at an external destination may include pre-shared private keys. These private keys may be used to authenticate the source of communications between the secure application 201 and the application at the external destination. These cryptography and authentication techniques may also apply to the apparatuses and methods of FIGS. 4 and 5 .
- the secure element 200 sends an unsolicited command to the connectivity device 300 b .
- the secure application 201 may generate a communication, which may include a command instructing the connectivity device 300 b to establish a communication link to an external device; the secure element 200 sends the communication to the connectivity device 300 b .
- the communication and the embedded command may be considered “unsolicited” because the connectivity device 300 b did not request the communication from the secure element 200 ; that is, the secure element 200 initiated the communication with the connectivity device 300 b .
- the communication sent by secure element 200 to the connectivity device 300 b is an APDU.
- the connectivity device 300 b sends a response to an external destination.
- the connectivity device 300 b (or an interface of the connectivity device 300 b ) may “listen” for an unsolicited communication from the secure element 200 .
- the connectivity device 300 b parses the unsolicited communication to identify the unsolicited command, and executes the unsolicited command.
- the connectivity device 300 b establishes a secure communication channel with an external destination.
- the external destination in stage 6004 may be the same as or different than the external destination in stage 6001 .
- a NFC reader that sends a transaction request to the apparatus 60 may be disposed at a first physical location (e.g., a cash register), and a WiFi router to which the apparatus 60 establishes the secure WLAN communication channel may be disposed at a second physical location (e.g., a utility closet).
- a first physical location e.g., a cash register
- a WiFi router to which the apparatus 60 establishes the secure WLAN communication channel may be disposed at a second physical location (e.g., a utility closet).
- the apparatus 60 of FIG. 6 may include any number of connectivity devices, and the secure element 200 may choose which connectivity device to send the command based on the transaction request.
- the secure element 200 may send an unsolicited command to a Bluetooth communication device when the transaction request seeks a Bluetooth communication channel; a WLAN communication device when the transaction request seeks a WLAN communication channel; a cellular communication device when the transaction request seeks a cellular communication channel; and the like.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Business, Economics & Management (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Health & Medical Sciences (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Mathematical Physics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
Claims (20)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/930,604 US9594917B2 (en) | 2013-06-28 | 2013-06-28 | Secured multi-directional, multi-interface transaction processing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/930,604 US9594917B2 (en) | 2013-06-28 | 2013-06-28 | Secured multi-directional, multi-interface transaction processing |
Publications (2)
Publication Number | Publication Date |
---|---|
US20150007335A1 US20150007335A1 (en) | 2015-01-01 |
US9594917B2 true US9594917B2 (en) | 2017-03-14 |
Family
ID=52117095
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/930,604 Active US9594917B2 (en) | 2013-06-28 | 2013-06-28 | Secured multi-directional, multi-interface transaction processing |
Country Status (1)
Country | Link |
---|---|
US (1) | US9594917B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11500989B2 (en) | 2019-02-15 | 2022-11-15 | Nxp B.V. | Method of managing priority in the context of a secure element domain with multiple interfaces, electronic device and communication system |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3031613B1 (en) * | 2015-01-09 | 2018-04-06 | Ingenico Group | METHOD FOR PROCESSING A TRANSACTION FROM A COMMUNICATION TERMINAL |
EP3065097B1 (en) * | 2015-03-05 | 2019-05-08 | Nxp B.V. | Device and method for facilitating a transaction |
CN107562689A (en) * | 2016-07-01 | 2018-01-09 | 华为技术有限公司 | A kind of system level chip and terminal |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130060959A1 (en) * | 2011-09-02 | 2013-03-07 | Ebay Inc. | Secure elements broker (seb) for application communication channel selector optimization |
US20130073448A1 (en) * | 2011-09-18 | 2013-03-21 | Google Inc. | One-Click Offline Buying |
US8559987B1 (en) * | 2005-12-31 | 2013-10-15 | Blaze Mobile, Inc. | Wireless bidirectional communications between a mobile device and associated secure element |
US20130317927A1 (en) * | 2012-05-24 | 2013-11-28 | Jvl Ventures, Llc | Systems, methods, and computer program products for providing a contactless protocol |
US8706081B1 (en) * | 2012-12-18 | 2014-04-22 | Google Inc. | Packet inspection in near field communication controller for secure element protection |
US20140244513A1 (en) * | 2013-02-22 | 2014-08-28 | Miguel Ballesteros | Data protection in near field communications (nfc) transactions |
US20140256251A1 (en) * | 2013-03-11 | 2014-09-11 | Cellco Partnership D/B/A Verizon Wireless | Secure nfc data authentication |
-
2013
- 2013-06-28 US US13/930,604 patent/US9594917B2/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8559987B1 (en) * | 2005-12-31 | 2013-10-15 | Blaze Mobile, Inc. | Wireless bidirectional communications between a mobile device and associated secure element |
US20130060959A1 (en) * | 2011-09-02 | 2013-03-07 | Ebay Inc. | Secure elements broker (seb) for application communication channel selector optimization |
US20130073448A1 (en) * | 2011-09-18 | 2013-03-21 | Google Inc. | One-Click Offline Buying |
US20130317927A1 (en) * | 2012-05-24 | 2013-11-28 | Jvl Ventures, Llc | Systems, methods, and computer program products for providing a contactless protocol |
US8706081B1 (en) * | 2012-12-18 | 2014-04-22 | Google Inc. | Packet inspection in near field communication controller for secure element protection |
US20140244513A1 (en) * | 2013-02-22 | 2014-08-28 | Miguel Ballesteros | Data protection in near field communications (nfc) transactions |
US20140256251A1 (en) * | 2013-03-11 | 2014-09-11 | Cellco Partnership D/B/A Verizon Wireless | Secure nfc data authentication |
Non-Patent Citations (2)
Title |
---|
Galla, Francesco, "NFC Tags-A technical introduction, applications and products," NXP Semiconductors, Rev. 1.3, Dec. 1, 2011. |
Langer et al., "Secure Element Development," Near Field Communication Research Lab Hagenberg, Oulu Developers Summit, Sep. 4, 2009. |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11500989B2 (en) | 2019-02-15 | 2022-11-15 | Nxp B.V. | Method of managing priority in the context of a secure element domain with multiple interfaces, electronic device and communication system |
Also Published As
Publication number | Publication date |
---|---|
US20150007335A1 (en) | 2015-01-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11397936B2 (en) | Method, device and secure element for conducting a secured financial transaction on a device | |
KR101820573B1 (en) | Mobile-merchant proximity solution for financial transactions | |
US9445262B2 (en) | Authentication server, mobile terminal and method for issuing radio frequency card key using authentication server and mobile terminal | |
TWI421777B (en) | Identification processing apparatus and mobile apparatus thereof | |
US9483417B2 (en) | Mobile electronic device with transceiver for wireless data exchange | |
KR20140140079A (en) | Processing payment transactions without a secure element | |
US9396468B2 (en) | Apparatus for securing electronic transactions using secure electronic signatures | |
US9594917B2 (en) | Secured multi-directional, multi-interface transaction processing | |
EP3122084B1 (en) | Mobile communication device supported by a cloud-based computer system | |
TWI626607B (en) | Smart card with dynamic token OTP function and working method thereof | |
JP6408969B2 (en) | Mobile device, method for facilitating transactions, computer program and product | |
US20210256499A1 (en) | Non-contact communication method and communication device | |
TWI650715B (en) | Payment system based on near field communication and method thereof | |
CN205847259U (en) | A kind of bluetooth equipment and Bluetooth system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:037806/0001 Effective date: 20160201 Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:037806/0001 Effective date: 20160201 |
|
AS | Assignment |
Owner name: NXP B.V., NETHERLANDS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:039901/0237 Effective date: 20160808 |
|
AS | Assignment |
Owner name: BROADCOM CORPORATION, CALIFORNIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:041712/0001 Effective date: 20170119 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: BROADCOM CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BUER, MARK;AWAD, MOHAMED;SIGNING DATES FROM 20170103 TO 20170707;REEL/FRAME:043062/0838 |
|
AS | Assignment |
Owner name: NXP B.V., NETHERLANDS Free format text: NUNC PRO TUNC ASSIGNMENT;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:044622/0258 Effective date: 20180112 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |